<?php
/*
 * Search for the recipe
 */
// authenticate user first
F3::call('authentication.php');
if (F3::exists('auth_error'))
{
  // authentication failed
  return;
}

if(!F3::exists('GET.search')){//search is the input string
	header('HTTP/1.1 500');
	header("Content-Type: application/json");
	$err = array("error_message" => "No search parameters supplied.");
	echo json_encode($err);
	return;
}

$id = F3::get('SESSION.user_id');
$search = explode("*", F3::get('GET.search'));

$create_view = "create or replace view search_recipe AS (SELECT rid from recipes where privacy = 3) union (SELECT rid from recipes where privacy = 1 AND author =".$id.") union (SELECT rid from recipes where privacy = 2 AND author = (SELECT id1 from friends where id2 = ".$id."))";
DB::sql($create_view);
$tag_view = "create or replace view tag AS SELECT * from (search_recipe NATURAL JOIN recipe_tags)";
DB::sql($tag_view);
$in_view = "create or replace view total as select * from (tag NATURAL JOIN recipe_ingredients)";
DB::sql($in_view);
if($search[0]==""&&$search[1]==""){
	$searchstring="SELECT DISTINCT rid from total";
	$result = DB::sql($searchstring);
	header('HTTP/1.1 200');
	header("Content-Type: application/json");
	echo json_encode($result);
	return;
}
if($search[0]==""){
	$searchstring = "SELECT DISTINCT rid from total where";
	$ingredients = explode(":",$search[1]);
	$count_in = count($ingredients);
	if($count_in>0){
		$param = array('1'=>$ingredients[0]);
		$inid = DB::sql("select id from ingredients where name = ?",$param);
		if(count($inid)==0){
			header('HTTP/1.1 500');
			header("Content-Type: application/json");
			$err = array('1'=>"The ingredient doesn't exist");
			echo json_encode($err);
			return;
		}
		$searchstring = $searchstring." inid=".($inid[0]['id']);
		for($i=1;$i<count($ingredients);$i++){
			$param = array('1'=>$ingredients[$i]);
			$inid = DB::sql("SELECT id from ingredients where name = ?",$param);
			if(count($inid)==0){
				header('HTTP/1.1 500');
				header("Content-Type: application/json");
				$err = array('1'=>"The ingredient doesn't exist");
				echo json_encode($err);
				return;
			}
			$searchstring = $searchstring." or inid=".($inid[0]['id']);
		}
	}
	$result = DB::sql($searchstring);
	header('HTTP/1.1 200');
	header("Content-Type: application/json");
	echo json_encode($result);
	return;
}
$searchstring = "SELECT DISTINCT rid from total where";

//tags
$tags = explode(":",$search[0]);
if(count($tags)>0){
	$param = array('1'=>$tags[0]);
	$tid = DB::sql("select id from tags where name = ?",$param);
	if(count($tid)==0){
		header('HTTP/1.1 500');
		header("Content-Type: application/json");
		$err = array('1'=>"The tag doesn't exist");
		echo json_encode($err);
		return;
	}
	$searchstring = $searchstring." (tid=".($tid[0]['id']);

	for($i=1;$i<count($tags);$i++){
		$param = array('1'=>$tags[$i]);
		$tid = DB::sql("select id from tags where name = ?",$param);
		if(count($tid)==0){
			header('HTTP/1.1 500');
			header("Content-Type: application/json");
			$err = array('1'=>"The tag doesn't exist");
			echo json_encode($err);
			return;
		}
		$searchstring = $searchstring." OR tid=".($tid[0]['id']);
	}
	$searchstring = $searchstring.")";
}

//ingredients:
if($search[1]==""){
}
else
{
	$ingredients = explode(":",$search[1]);
	$count_in = count($ingredients);
	if($count_in>0){
		if(count($tags)>0){
			$searchstring = $searchstring." AND (";
		}
		$param = array('1'=>$ingredients[0]);
		$inid = DB::sql("select id from ingredients where name = ?",$param);
		if(count($inid)==0){
			header('HTTP/1.1 500');
			header("Content-Type: application/json");
			$err = array('1'=>"The ingredient doesn't exist");
			echo json_encode($err);
			return;
		}
		$searchstring = $searchstring."inid=".($inid[0]['id']);
		
		for($i=1;$i<count($ingredients);$i++){
			$param = array('1'=>$ingredients[$i]);
			$inid = DB::sql("SELECT id from ingredients where name = ?",$param);
			if(count($inid)==0){
				header('HTTP/1.1 500');
				header("Content-Type: application/json");
				$err = array('1'=>"The ingredient doesn't exist");
				echo json_encode($err);
				return;
			}
			$searchstring = $searchstring." or inid=".($inid[0]['id']);
		}
		$searchstring = $searchstring.")";
	}
}
$result = DB::sql($searchstring);
header('HTTP/1.1 200');
header("Content-Type: application/json");
echo json_encode($result);
return;
?>